dougb 2010-07-17 07:54:40 UTC
FreeBSD ports repository
Modified files:
dns/bind97 Makefile distinfo
Log:
Updgrade to version 9.7.1-P2 which addresses a DNSSEC-related bug.
If a query is made explicitly for a record of type 'RRSIG' to a validating
recursive server running BIND 9.7.1 or 9.7.1-P1, and the server has one or
more trust anchors configured statically and/or via DLV, then if the answer
is not already in cache, the server enters a loop which repeatedly generates
queries for RRSIGs to the authoritative servers for the zone containing the
queried name.
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213
CERT: http://www.kb.cert.org/vuls/id/211905
Versions affected: 9.7.1, 9.7.1-P1
Severity: High
Exploitable: remotely
http://www.isc.org/software/bind/advisories/cve-2010-0213
Revision Changes Path
1.10 +2 -2 ports/dns/bind97/Makefile
1.8 +6 -6 ports/dns/bind97/distinfo